Skip to content
Effettua una ricerca per conoscere i prodotti e le soluzioni di InterSystems, le opportunità di carriera e altro ancora.

Alert: HS2022-01: Multiple InterSystems IRIS for Health & HealthShare Alerts

March 1, 2022

There are 22 alerts in the HealthShare HS2022-01 Alert communication. The Alert Summary is in the table below, and the detail is contained in the attached document: HS2022-01-Communication

AlertProduct & Versions AffectedRisk Category
HS2022-01-01: Vaccination Dates Misrepresented in Some CircumstancesAll versions of:
Information Exchange
Unified Care Record
Personal Community
HealthShare Health Connect
InterSystems IRIS for Health

3-Medium Risk
(Operations)

2-Low Risk
(Clinical Safety)

HS2022-01-02: Invalid Handling of Multiple Reference Ranges in CDA and C-CDA DocumentsAll versions of:
Information Exchange
Unified Care Record (through 2021.1)
3-Medium Risk
(Clinical Safety)
HS2022-01-03: Security Check for Emergency Access to Patient Records Fails to Occur in Some SituationsAll versions of:
Information Exchange
Unified Care Record (through 2020.2)
3-Medium Risk
(Privacy)
HS2022-01-04: Security Vulnerability in Unified Care Record 2020.2.0Unified Care Record:
2020.2.0 (Build 8620)
4-High Risk
(Security)
HS2022-01-05: Customers on Unified Care Record 2020.2 and 2021.1 Must Install a Patch Before Upgrading to a Later Version

Version 2020.2, 2021.1 of:
Unified Care Record
Clinical Viewer
Health Insight
Patient Index
Personal Community
Care Community

Version 2020.2, 2021.1, 2021.2, 2021.3 of:
Provider Directory

4-High Risk
(Operations)
HS2022-01-06: Configuring the Classic Clinical Viewer Requires Outdated Third-Party SoftwareAll versions of:
Unified Care Record (Classic Clinical Viewer only)
4-High Risk
(Security)
HS2022-01-07: Users may not be able to Log Out of Clinical ViewerAll versions of:
Information Exchange
Unified Care Record (through 2020.2)
4-High Risk
(Privacy)
HS2022-01-08: Access Gateway Aggregation Cache Grows over TimeUnified Care Record:
2020.1, 2020.2, 2021.1, 2021.2
2-Low Risk
(Operations)
HS2022-01-09: Incompatibility in HL7toSDA3 Customizations when Upgrading from HealthShare 15.03 or earlierInformation Exchange:
15.03 or earlier (when upgrading to Unified Care Record)
Not Rated
HS2022-01-10: IHE Endpoints should use Appropriate CredentialsAll versions of:
Information Exchange
Unified Care Record
3-Medium Risk
(Security)
HS2022-01-11: ODS Namespace Reactivation Can Result in Prolonged DowntimeUnified Care Record:
2019.1, 2019.2

4-High Risk
(Operations)

1-Very Low Risk
(Clinical Safety)

HS2022-01-12: Upgrade of ODS may Require Manual Intervention to CompleteUnified Care Record:
2020.1 (when upgrading to version 2020.2)
5-Very High Risk
(Operations)
HS2022-01-13: ODS Audit Data Inaccessible after Upgrade to Version 2020.1Unified Care Record:
2019.1 or 2019.2 (when upgrading to 2020.1)
3-Medium Risk
(Privacy)
HS2022-01-14: System-wide and Facility-level Clinical Consent Policies Ignore Event DatesAll versions of:
Information Exchange
Unified Care Record (through 2021.1)
2-Low Risk
(Privacy)
HS2022-01-15: FHIR Requests Not Being Evaluated Properly for ConsentUnified Care Record:
2020.1
4-High Risk
(Privacy)
HS2022-01-16: FHIR “$everything” Operation Can Return Unconsented DemographicsAll versions of:
Information Exchange
Unified Care Record (through 2021.1)
3-Medium Risk
(Privacy)
HS2022-01-17: FHIR Index Performance Issue Can Cause ODS Instability

Information Exchange:
2018.1

Unified Care Record:
2019.1, 2019.2

5-Very High Risk
(Operations)
HS2022-01-18: Security Vulnerability in FHIR Gateway/FHIR Server

Unified Care Record:
2021.1

InterSystems IRIS for Health:
2021.1

3-Medium Risk
(Security)
HS2022-01-19: FHIR Server Does Not Verify Token Revocation

Unified Care Record:
2020.1, 2020.2, 2021.1

InterSystems IRIS for Health:
2020.4, 2021.1

HealthShare Health Connect:
2020.4, 2021.1

3-Medium Risk
(Security)
HS2022-01-20: OAuth Token Scope Not Applied in FHIR Batch Transaction BundlesInterSystems IRIS for Health:
2021.1

3-Medium Risk
(Privacy)

2-Low Risk
(Security)

3-Medium Risk
(Operations)

HS2022-01-21: FHIR Server Interoperability REST Client does not Properly Clean Up Data

InterSystems IRIS for Health:
2020.2, 2020.3

HealthShare Health Connect:
2020.2, 2020.3

4-High Risk
(Operations)
HS2022-01-22: Security Issue in Patient IndexAll versions of:
Patient Index (through 2021.2)
4-High Risk
(Security)

This post is part of the HealthShare HS2022-01 Alert communications process. The same information is also distributed:

If you have any questions regarding this alert, please contact the Worldwide Response Center (WRC).

Latest Alerts & Advisories

15 Aug 2024
InterSystems has corrected a defect that can cause database corruption or errors with multi-volume databases under extremely rare circumstances. Only databases that have been truncated are at risk.
24 Jul 2024
There are four alerts in the HS2024-03 Alert Communication. A summary of each alert is shown below. Details for each alert are contained in the linked document.
24 Jun 2024
Broadcom recently announced a problem that can cause data consistency errors in database applications. The Broadcom article is available here:
30 May 2024
Beginning with the release of InterSystems IRIS® data platform 2022.3, InterSystems corrected the license enforcement mechanism to include REST and SOAP requests. Due to this change, environments with non-core-based licenses that use REST or SOAP may experience greater license utilization after upgrading. To determine if this advisory applies to your InterSystems license, follow the instructions in the FAQ linked below.
01 May 2024
InterSystems has corrected an issue that can cause a small number of SQL queries to return incorrect results. See below for the specifics on impacted queries.
08 Apr 2024
InterSystems has encountered a defect that causes some upgrades of HealthShare® Health Connect to fail. This only affects instances that are not licensed for the use of FHIR® and that have interoperability-enabled namespaces. Under these conditions, the upgrade fails with an error.
19 Mar 2024
In evaluating an IBM Support notification, InterSystems has determined a potential impact for our customers. The notification in question is:
27 Feb 2024
There is 1 alert in the HealthShare HS2024-limited Alert communication. An alert summary for the issue is shown is in the table below. Details for the alert are contained in the attached document: HS2024 Limited Communication.
01 Feb 2024
There are 2 alerts in the HealthShare HS2024-02 Alert communication. An alert summary for each issue is shown is in the table below. Details for each alert are contained in the attached document: HS2024-02-Communication.